Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7ee2d44f by Salvatore Bonaccorso at 2025-03-03T21:42:39+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-27501 (OpenZiti is a free and open source project focused on bringing
zero tr ...)
- TODO: check
+ NOT-FOR-US: OpenZiti
CVE-2025-27500 (OpenZiti is a free and open source project focused on bringing
zero tr ...)
- TODO: check
+ NOT-FOR-US: OpenZiti
CVE-2025-27499 (WeGIA is an open source Web Manager for Institutions with a
focus on P ...)
NOT-FOR-US: WeGIA
CVE-2025-27498 (aes-gcm is a pure Rust implementation of the AES-GCM. In
decrypt_in_pl ...)
@@ -9,9 +9,9 @@ CVE-2025-27498 (aes-gcm is a pure Rust implementation of the
AES-GCM. In decrypt
CVE-2025-27423 (Vim is an open source, command line text editor. Vim is
distributed wi ...)
TODO: check
CVE-2025-27422 (FACTION is a PenTesting Report Generation and Collaboration
Framework. ...)
- TODO: check
+ NOT-FOR-US: FACTION
CVE-2025-27421 (Abacus is a highly scalable and stateless counting API. A
critical gor ...)
- TODO: check
+ NOT-FOR-US: Abacus
CVE-2025-27420 (WeGIA is an open source Web Manager for Institutions with a
focus on P ...)
NOT-FOR-US: WeGIA
CVE-2025-27419 (WeGIA is an open source Web Manager for Institutions with a
focus on P ...)
@@ -25,81 +25,81 @@ CVE-2025-27371 (In certain IETF OAuth 2.0-related
specifications, when the JSON
CVE-2025-27370 (OpenID Connect Core through 1.0 errata set 2 allows audience
injection ...)
TODO: check
CVE-2025-27279 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27278 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27275 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27274 (Path Traversal vulnerability in NotFound GPX Viewer allows
Path Traver ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27273 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27271 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27270 (Missing Authorization vulnerability in NotFound Residential
Address De ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27269 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27268 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27264 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27263 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27099 (Tuleap is an Open Source Suite to improve management of
software devel ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2025-27094 (Tuleap is an open-source suite designed to improve software
developmen ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2025-26999 (Deserialization of Untrusted Data vulnerability in Metagauss
ProfileGr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26994 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26989 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26988 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26984 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26970 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26967 (Deserialization of Untrusted Data vulnerability in Stiofan
Events Cale ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26918 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26917 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26914 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26885 (Deserialization of Untrusted Data vulnerability in Brent Jett
Assistan ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26879 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26589 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26588 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26587 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26586 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26585 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26563 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26557 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26540 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26535 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26534 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26206 (Cross Site Request Forgery vulnerability in sell done
storefront v.1.0 ...)
TODO: check
CVE-2025-25967 (Acora CMS version 10.1.1 is vulnerable to Cross-Site Request
Forgery ( ...)
- TODO: check
+ NOT-FOR-US: Acora CMS
CVE-2025-25939 (Reprise License Manager 14.2 is vulnerable to reflected
cross-site scr ...)
- TODO: check
+ NOT-FOR-US: Reprise License Manager
CVE-2025-25303 (The MouseTooltipTranslator Chrome extension allows mouseover
translati ...)
TODO: check
CVE-2025-25302 (Rembg is a tool to remove images background. In Rembg 2.0.57
and earli ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ee2d44f7eb83d952b2f35e4713fc5304cecfcb5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ee2d44f7eb83d952b2f35e4713fc5304cecfcb5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
